The event that has gripped the tech and libertarian community over the past 48 hours has been Tim Cook's stern refusal to comply with a subpoena demanding that Apple unlock the iPhone 5C belonging to one of the San Bernardino shooters for a full FBI inspection.
As reported previously, Judge Sheri Pym of U.S. District Court in Los Angeles said on Tuesday that Apple must provide "reasonable technical assistance" to investigators seeking to unlock data on - in other words hack - an iPhone 5C that had been owned by Syed Rizwan Farook, one of the San Bernardino shooters.
So far Tim Cook has refused to comply, saying said his company opposed the demand from the judge to help the FBI break into the iPhone. Cook said that the demand threatened the security of Apple's customers and had "implications far beyond the legal case at hand."
He added that "the government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals," he said. "We can find no precedent for an American company being forced to expose its customers to a greater risk of attack."
Cook's summary:
"The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge."
On the surface, this appears like valiant attempt by the CEO of the world's most valuable company to stand up against the Big Brother state made so famous in the aftermath of the Edward Snowden revelations.
However, a quick peek beneath the surface reveals something far less noble and makes Tim Cook seem like you average, if very cunning, smartphone salesman.
According to the The Daily Beast's Shane Harris, in a similar case in New York last year, Apple acknowledged that it could extract such data if it wanted to. But the real shocker is that according to prosecutors in that case, Apple has unlocked phones for authorities at least 70 times since 2008. (Apple doesn’t dispute this figure.)
As Harris observantly adds, "in other words, Apple’s stance in the San Bernardino case may not be quite the principled defense that Cook claims it is."
Here are the details of the NY case:
In New York, as in California, Apple is refusing to bypass the passcode feature now found on many iPhones.
But in a legal brief, Apple acknowledged that the phone in the meth case was running version 7 of the iPhone operating system, which means the company can access it. “For these devices, Apple has the technical ability to extract certain categories of unencrypted data from a passcode locked iOS device,” the company said in a court brief.
Whether the extraction would be successful depended on whether the phone was “in good working order,” Apple said, noting that the company hadn’t inspected the phone yet. But as a general matter, yes, Apple could crack the iPhone for the government. And, two technical experts told The Daily Beast, the company could do so with the phone used by deceased San Bernardino shooter, Syed Rizwan Farook, a model 5C. It was running version 9 of the operating system.
Still, Apple argued in the New York case, it shouldn’t have to, because “forcing Apple to extract data… absent clear legal authority to do so, could threaten the trust between Apple and its customers and substantially tarnish the Apple brand,” the company said, putting forth an argument that didn’t explain why it was willing to comply with court orders in other cases.
“This reputational harm could have a longer term economic impact beyond the mere cost of performing the single extraction at issue,” Apple said.
In other words, it was all about the brand. Which leads to Harris' damning punchline:
Apple’s argument in New York struck one former NSA lawyer as a telling admission: that its business reputation is now an essential factor in deciding whether to hand over customer information.
Others agreed: "I think Apple did itself a huge disservice,” Susan Hennessey, who was an attorney in the Office of the General Counsel at the NSA, told The Daily Beast. The company acknowledged that it had the technical capacity to unlock the phone, but “objected anyway on reputational grounds,” Hennessey said. Its arguments were at odds with each other, especially in light of Apple’s previous compliance with so many court orders.
Curiously, it was not until after the revelations of former-NSA contractor Edward Snowden that Apple began to position itself so forcefully as a guardian of privacy protection in the face of a vast government surveillance apparatus, Harris adds. Perhaps Apple was taken aback by the scale of NSA spying that Snowden revealed. Or perhaps it was embarrassed by its own role in it. The company, since 2012, had been providing its customers’ information to the FBI and the NSA via the so-called PRISM program, which operated pursuant to court orders.
The NSA made it quite clear that Apple customers are their favorite in a presentation that was disclosed by Snowden:
That... and the revelation that on at least 70 previous occasions AAPL had complied with a comparable unlock request.
However, with such a high profile case, perhaps a light bulb went off over Tim Cook's head, one which Harris once again explains best:
... it may have as much to do with public relations as it does with warding off what Cook called “an unprecedented step which threatens the security of our customers."
After all, what better way to boost sagging iPhone sales for the company whose stock recently entered a bear market than by being constantly talked about in the media 24/7, a company which has taken on the admirable role of being the noble David taking on the evil Big Brother Goliath.
But while AAPL milking the San Bernardino deaths for its own PR campaign is deplorable if perfectly reasonable, what is more disturbing is that for the government to play along, it must be in on the plot. Here why:
For now, Apple is resisting the government on multiple grounds, and putting its reputation as a bastion of consumer protection front and center in the fight. None of this has stopped the government from trying to crack the iPhone, a fact that emerged unexpectedly in the New York case. In a brief exchange with attorneys during a hearing in October, Judge James Orenstein said he’d found testimony in another case that the Homeland Security Department “is in possession of technology that would allow its forensic technicians to override the pass codes security feature on the subject iPhone and obtain the data contained therein.”
That revelation, which went unreported in the press at the time, seemed to undercut the government’s central argument that it needed Apple to unlock a protected iPhone.
* * *
There was no further explanation of how Homeland Security developed the tool, and whether it was widely used. A department spokesperson declined to comment “on specific law enforcement techniques.” But the case had nevertheless demonstrated that, at least in some cases, the government can, and has, managed to get around the very wall that it now claims impedes lawful criminal investigations.
Said otherwise, the true trajedy here is not if Apple is engaging in another public relations stunt, but if the government - which is perfectly capable of extracting whatever information it wants from the iPhone - is actively aiding and abeting this cheap attempt to peddle more iPhones to the masses.